Your message dated Thu, 12 Dec 2013 21:22:42 +0000 with message-id <e1vrdiu-00029s...@franck.debian.org> and subject line Bug#731895: fixed in php5 5.5.7+dfsg-1 has caused the Debian Bug report #731895, regarding php5: CVE-2013-6420: memory corruption in openssl_x509_parse() to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 731895: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731895 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: php5 Severity: grave Tags: security upstream patch Hi, the following vulnerability was published for php5. CVE-2013-6420[0]: php: memory corruption in openssl_x509_parse() The upstream commit is found at [1]. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 http://security-tracker.debian.org/tracker/CVE-2013-6420 [1] http://git.php.net/?p=php-src.git;a=commitdiff;h=c1224573c773b6845e83505f717fbf820fc18415 Please adjust the affected versions in the BTS as needed; could you check if squeeze and wheezy are affected as well? Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: php5 Source-Version: 5.5.7+dfsg-1 We believe that the bug you reported is fixed in the latest version of php5, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 731...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý <ond...@debian.org> (supplier of updated php5 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 12 Dec 2013 20:49:21 +0100 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-fpm libphp5-embed php5-dev php5-dbg php-pear php5-curl php5-enchant php5-gd php5-gmp php5-imap php5-interbase php5-intl php5-ldap php5-mcrypt php5-readline php5-mysql php5-mysqlnd php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: source all amd64 Version: 5.5.7+dfsg-1 Distribution: unstable Urgency: high Maintainer: Debian PHP Maintainers <pkg-php-ma...@lists.alioth.debian.org> Changed-By: Ondřej Surý <ond...@debian.org> Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo libphp5-embed - HTML-embedded scripting language (Embedded SAPI library) php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-enchant - Enchant module for php5 php5-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary) php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-imap - IMAP module for php5 php5-interbase - interbase/firebird module for php5 php5-intl - internationalisation module for php5 php5-ldap - LDAP module for php5 php5-mcrypt - MCrypt module for php5 php5-mysql - MySQL module for php5 php5-mysqlnd - MySQL module for php5 (Native Driver) php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-readline - Readline module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Closes: 730528 731895 Changes: php5 (5.5.7+dfsg-1) unstable; urgency=high . * New upstream version 5.5.7+dfsg + [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes: #731895) * Enable dtrace/systemtap support (Closes: #730528) Checksums-Sha1: 45561571b9aa70e6872ec5e489a0de278c8b95f0 3956 php5_5.5.7+dfsg-1.dsc 6eb0fe206336e03740a6c7d7c72dd2c7fd28c9b4 10823400 php5_5.5.7+dfsg.orig.tar.xz 74fdb2ec17239db3d463ef315af7db4c9d7f4390 135646 php5_5.5.7+dfsg-1.debian.tar.gz ccff0c238cba36dba881e489e7ddb4e301c3ffb3 1254 php5_5.5.7+dfsg-1_all.deb aedeee3c025b46f69656355451c0938b27179168 266898 php-pear_5.5.7+dfsg-1_all.deb 2e3d01cc35fa8fd7ac274de0630614a9097afe3c 352862 php5-common_5.5.7+dfsg-1_amd64.deb 1cf18373b9c48920176e15e67b2d7bb12e1bad3a 2137580 libapache2-mod-php5_5.5.7+dfsg-1_amd64.deb e823b0d7cfe8f6ebf2725148a1a97fef2c579c2f 2136906 libapache2-mod-php5filter_5.5.7+dfsg-1_amd64.deb 71d78369cdef36c8b73462773be01a1ffe0aba8a 4105944 php5-cgi_5.5.7+dfsg-1_amd64.deb 1f1feebf4f65c7d0682966839a88b1ddea7ffb0e 2090410 php5-cli_5.5.7+dfsg-1_amd64.deb aacd07e3d6f2255fb1f4b5298fc259e54eed224b 2116214 php5-fpm_5.5.7+dfsg-1_amd64.deb c87419a96b760d99967fecfba588847dbbcace45 2134202 libphp5-embed_5.5.7+dfsg-1_amd64.deb fcc413c018c72e0664d0b38ccd6bd3cb662b45cf 349644 php5-dev_5.5.7+dfsg-1_amd64.deb 09b06a47ed528c5bf4e3592fce9d50e7d04d553e 30295604 php5-dbg_5.5.7+dfsg-1_amd64.deb 55d48341af768c0838357843e30289d2a95bdd66 27034 php5-curl_5.5.7+dfsg-1_amd64.deb db8a4c3f20cadcee0de0c0979433a2598289c14e 9068 php5-enchant_5.5.7+dfsg-1_amd64.deb 3f54d2cff82a433655d2227d95820bc484110ae4 27430 php5-gd_5.5.7+dfsg-1_amd64.deb 8915740699649e9db12108de442dcd1c08184a17 14624 php5-gmp_5.5.7+dfsg-1_amd64.deb 50a9f7cb1ba3d5316f3585154311605e205e08b2 30014 php5-imap_5.5.7+dfsg-1_amd64.deb 5135513e4e777deca1cae5c1eb84d1c20c1c0f7a 41398 php5-interbase_5.5.7+dfsg-1_amd64.deb c64a6844502a55d7dddfcc4b5e84f00894edd230 108566 php5-intl_5.5.7+dfsg-1_amd64.deb 13b620ff565b869599227b147132565a11e43b13 18906 php5-ldap_5.5.7+dfsg-1_amd64.deb 95d7fb60094d96fb5d8dcf9aa71e0ed1bfb302d7 13998 php5-mcrypt_5.5.7+dfsg-1_amd64.deb c1f43c53a71709c60779ec3dcc25e3b676fa23de 11980 php5-readline_5.5.7+dfsg-1_amd64.deb 8455bd07cd5ff83f3aa594928149bdda4e61136d 62838 php5-mysql_5.5.7+dfsg-1_amd64.deb 31483c339469e42f9551b8ec22ced7865bb9d145 134724 php5-mysqlnd_5.5.7+dfsg-1_amd64.deb 853acfb63695ad3ab8b9f6fed11e33148737db9a 30180 php5-odbc_5.5.7+dfsg-1_amd64.deb 5cb742657ea285fdf7c44bd1f8b8bab2f4dba23a 51448 php5-pgsql_5.5.7+dfsg-1_amd64.deb 3baf215d4a047120669e664d620b7266c6b5b0d0 8016 php5-pspell_5.5.7+dfsg-1_amd64.deb d99d14b0177527f559461c56786d59fb98049f42 5388 php5-recode_5.5.7+dfsg-1_amd64.deb d8a5b227f67fc6a1f4a7ca968003531b702a0fc8 19058 php5-snmp_5.5.7+dfsg-1_amd64.deb d18e75b4646f9424c27fc079abf994e687fb4260 24042 php5-sqlite_5.5.7+dfsg-1_amd64.deb 72a7a82eee23c52d5b0bc0a9241cc92f8189ed71 23822 php5-sybase_5.5.7+dfsg-1_amd64.deb 83128c5f5890e7063916e47d225ed3aae835f3d2 16112 php5-tidy_5.5.7+dfsg-1_amd64.deb d1824ce97a39d64f802f134a6522768acf57372d 35018 php5-xmlrpc_5.5.7+dfsg-1_amd64.deb 273d5e8ebac1b8c3ec383bf7033dcf928140ae45 13734 php5-xsl_5.5.7+dfsg-1_amd64.deb Checksums-Sha256: c1154c5b1f84624b00ad27b2a9c270535e7aa33203257a14c69b66b50c5a0797 3956 php5_5.5.7+dfsg-1.dsc 39f1fb9042950307e58b8e1ec300a636c7fee6117ef00bc2ea8751920e44ab3a 10823400 php5_5.5.7+dfsg.orig.tar.xz 895eaf53abdc7d880d5be0f2ba0914210b979014de007a9b7d8e3bcc3c55686c 135646 php5_5.5.7+dfsg-1.debian.tar.gz 7d23c7178b4dbbee0f1616df0c7d7dda694476f70333821c3b2fc5d4f01a23b1 1254 php5_5.5.7+dfsg-1_all.deb 4d3fa954d131b994269fc15b58e2819abdb4f035370e2da785d4a589a4c1e63c 266898 php-pear_5.5.7+dfsg-1_all.deb 363bb95f53acaa38e182f8a2a9ac28021211e5ea5e45c860f31bc1f725fa07af 352862 php5-common_5.5.7+dfsg-1_amd64.deb 8bfbd34680636962c801897e8a0d58471972fd09f851be19f34fcce8d662a15a 2137580 libapache2-mod-php5_5.5.7+dfsg-1_amd64.deb edeefe2f3843a06683baa3a45b0c74ac70293013a983b76f9ac3ea746b156c3a 2136906 libapache2-mod-php5filter_5.5.7+dfsg-1_amd64.deb 95bf3fb97d4c618299cf66d10c1479ce755c73b6a1e0523e9ecca3556b4723eb 4105944 php5-cgi_5.5.7+dfsg-1_amd64.deb d56e9bfbd5b699c9c516acb116de468bac7603a377617d6474ccf68833ef5cc6 2090410 php5-cli_5.5.7+dfsg-1_amd64.deb eee57386f10715fb18c7c409ca34de199f1e5e9847f49a439bfc7a11738b0feb 2116214 php5-fpm_5.5.7+dfsg-1_amd64.deb fe43f2b17d99866532561ea9f3b0e61bdaf869545e115b08a415163883661aab 2134202 libphp5-embed_5.5.7+dfsg-1_amd64.deb 1677820898e2fb3d2a2a353777eb805d5104884a2b3dcbaff25ea40e5fc15801 349644 php5-dev_5.5.7+dfsg-1_amd64.deb e1872e7a99aef90aa1a486f3d072dcfef4c82fc39bfeb583bad87d2ab9c11bf8 30295604 php5-dbg_5.5.7+dfsg-1_amd64.deb bd653941cf0fc766bda73e99819b673e2ac04ee6697897c25d0fb925c8f158eb 27034 php5-curl_5.5.7+dfsg-1_amd64.deb f93373efa5c99791c752405e6fb08e2c2fccad094ee4c3f51f6f74ef8e113abb 9068 php5-enchant_5.5.7+dfsg-1_amd64.deb 0f8287033a8e91089b7b757f1aded0702ef797b498f3d86698163f3c928db2e5 27430 php5-gd_5.5.7+dfsg-1_amd64.deb bba87eba5ec02afc91ee2ec8bfb2845d2f23af858415e99c94ff9a7ecae939d6 14624 php5-gmp_5.5.7+dfsg-1_amd64.deb 1bed486f01502b1ec7be9a9381e713c563a562b7ac30fe29d9043f8a37d2a544 30014 php5-imap_5.5.7+dfsg-1_amd64.deb 72d9bb5fbb22acc4118555dd8bd6d75bab04ad3c16e056f14dd92078ef686932 41398 php5-interbase_5.5.7+dfsg-1_amd64.deb 1ce6198557e1cad3ddaa0c7aab688bd806a59d9f234576354084c7b0187c1680 108566 php5-intl_5.5.7+dfsg-1_amd64.deb d995ea37dda537955c6fb838623d90aae5d64be7d1039d67672744ea2911d816 18906 php5-ldap_5.5.7+dfsg-1_amd64.deb 272b737479a662791ca784c8eef4cb3a08d153d4244b5949a92f996c38624010 13998 php5-mcrypt_5.5.7+dfsg-1_amd64.deb b6bb02e6333470281fd175692cd4d3144a758245bc66df22f7dcd16d4e49c231 11980 php5-readline_5.5.7+dfsg-1_amd64.deb a74646476e6ddf1adc1b6125cfc55363d8d50977935f6891827d54e38032c3db 62838 php5-mysql_5.5.7+dfsg-1_amd64.deb 378e4ed7f6bc0faec6dad875962268646570aaeceaf74aca6c9f685dfbfa58fd 134724 php5-mysqlnd_5.5.7+dfsg-1_amd64.deb 9a97be4995c5f4f98eb58953bb02c8b538e46b447a5d5d856d3e34141a5259e5 30180 php5-odbc_5.5.7+dfsg-1_amd64.deb e2660de798b935a8ad2276024390b7f183eead08ad9ec8ab3dd98d0060e693b6 51448 php5-pgsql_5.5.7+dfsg-1_amd64.deb b087f9371a33ae4d6465aa4cd2265d562364e15d471a364763cef1c22127d48f 8016 php5-pspell_5.5.7+dfsg-1_amd64.deb 3e5627e5362e73bc66d631587eea073b17615b75068a7ce813a784af196ece5e 5388 php5-recode_5.5.7+dfsg-1_amd64.deb 9368c20282563038838b113fd28649c5f6f22f2c36525282bb0feb4b9d633e5d 19058 php5-snmp_5.5.7+dfsg-1_amd64.deb 357cc22ecb28de7698c2253d36d949e644c3a5d80ab1baf0d3ce6110c0ffe646 24042 php5-sqlite_5.5.7+dfsg-1_amd64.deb b02ec4081183def8e94257fe0a7bc6861f62008564230eb1a87fa9431c79265e 23822 php5-sybase_5.5.7+dfsg-1_amd64.deb e17a641ccaa26b8e1942617760dc73f10d9014222fdbfc3d5333911aadea242a 16112 php5-tidy_5.5.7+dfsg-1_amd64.deb 05c844f475c28b865f666b50d9743c12446c12ba82bbfd1eec0b5e80ef4b2f0e 35018 php5-xmlrpc_5.5.7+dfsg-1_amd64.deb f9a75f6282c57e28897caae105b936ae70b5b4a047f3136ff20fcacebbacdd8a 13734 php5-xsl_5.5.7+dfsg-1_amd64.deb Files: 15e2546d9abb13128abaee545d8c008a 3956 php optional php5_5.5.7+dfsg-1.dsc 77af51aea5a078bd34a1ccd55297d98a 10823400 php optional php5_5.5.7+dfsg.orig.tar.xz c5ad4c4b128652734534ed1d76a033be 135646 php optional php5_5.5.7+dfsg-1.debian.tar.gz 0d8853b0adf2933e9a18aff0136a44ae 1254 php optional php5_5.5.7+dfsg-1_all.deb 1a7b5923d5b85abb2f0e40b32b9b3e21 266898 php optional php-pear_5.5.7+dfsg-1_all.deb 5c591994bb1911d045720ef7c338ea9d 352862 php optional php5-common_5.5.7+dfsg-1_amd64.deb 5cb41865ca5a040f6b6fd4d712fc5cd6 2137580 httpd optional libapache2-mod-php5_5.5.7+dfsg-1_amd64.deb 94c04c1d5859bf047f183d6ac1e24fd5 2136906 httpd extra libapache2-mod-php5filter_5.5.7+dfsg-1_amd64.deb a3dd1b05febccfa3146dea0326a1e798 4105944 php optional php5-cgi_5.5.7+dfsg-1_amd64.deb e42e8fcfe4de19ff11106745437c92fd 2090410 php optional php5-cli_5.5.7+dfsg-1_amd64.deb 8ff7d986fe83743ae5ab4a7c6ce1ad47 2116214 php optional php5-fpm_5.5.7+dfsg-1_amd64.deb 785000284d0c48beaaa6927e29df767b 2134202 php optional libphp5-embed_5.5.7+dfsg-1_amd64.deb 3f7d66cb959c39950d039320243b4d57 349644 php optional php5-dev_5.5.7+dfsg-1_amd64.deb 599f8d4b2a0da3af200a2577666c3cf0 30295604 debug extra php5-dbg_5.5.7+dfsg-1_amd64.deb 109ad4f3ea3bfe0c500b0075f5424efe 27034 php optional php5-curl_5.5.7+dfsg-1_amd64.deb a1815f0187ea1bbb42a219dbab107011 9068 php optional php5-enchant_5.5.7+dfsg-1_amd64.deb 726dc42e715b4e279532fedf97b37bde 27430 php optional php5-gd_5.5.7+dfsg-1_amd64.deb 2a94a84971b57dd0decd9893edd525d1 14624 php optional php5-gmp_5.5.7+dfsg-1_amd64.deb b455452bab05314804ff4a383223ac6b 30014 php optional php5-imap_5.5.7+dfsg-1_amd64.deb 8d44371419a0bd79230b1bacde937e37 41398 php optional php5-interbase_5.5.7+dfsg-1_amd64.deb 9c72ab839eab243b384f6b65506276fc 108566 php optional php5-intl_5.5.7+dfsg-1_amd64.deb d2c51f04df57c8fc19c028e82c810d58 18906 php optional php5-ldap_5.5.7+dfsg-1_amd64.deb 7645112ae3d966f10798c9c7be7f930f 13998 php optional php5-mcrypt_5.5.7+dfsg-1_amd64.deb f19af1eb11b8ccd328b8d7c9a1078e4c 11980 php optional php5-readline_5.5.7+dfsg-1_amd64.deb 27a69b2f03e4d0de5b78b2266388585b 62838 php optional php5-mysql_5.5.7+dfsg-1_amd64.deb 4d91d7dcd579fd14399381db83c3c078 134724 php extra php5-mysqlnd_5.5.7+dfsg-1_amd64.deb 29c32386e574b66c96cbd2a3aa286af3 30180 php optional php5-odbc_5.5.7+dfsg-1_amd64.deb 176a1f1d0a579eb0f39bf136fba92264 51448 php optional php5-pgsql_5.5.7+dfsg-1_amd64.deb 069e1b7d77e793d335454d6478a561e1 8016 php optional php5-pspell_5.5.7+dfsg-1_amd64.deb 598454bf551b8b9c53c42a1ff6501464 5388 php optional php5-recode_5.5.7+dfsg-1_amd64.deb fdf34c30bc0556cb8683905239b64a8f 19058 php optional php5-snmp_5.5.7+dfsg-1_amd64.deb 53fb3ec09be1aa9b0d5674d0f46b8019 24042 php optional php5-sqlite_5.5.7+dfsg-1_amd64.deb ce821527bbc4ed938fb6793c07e4c1c3 23822 php optional php5-sybase_5.5.7+dfsg-1_amd64.deb 1de799d8bae88ffa4a8167aff459e285 16112 php optional php5-tidy_5.5.7+dfsg-1_amd64.deb b6ad1bbc3e5b34d3f1f4ce63d29c02f6 35018 php optional php5-xmlrpc_5.5.7+dfsg-1_amd64.deb 2477957caf0d8a2d592ba4913e0549e4 13734 php optional php5-xsl_5.5.7+dfsg-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlKqHqMACgkQ9OZqfMIN8nPGiQCgizsjCeevJDU4ZDDJfXdruMWE FzoAoIV+gpZ7jKsaZVytME8sDPGKXUR7 =tRZj -----END PGP SIGNATURE-----
--- End Message ---
